help with code please

Discussion in 'ASP General' started by collie, Nov 9, 2003.

  1. collie

    collie Guest

    Hi,

    I have an asp page that needs to create 2 different cookies: one for
    the admin and one for the user. The code that I have to work with was
    created by someone else. the page first requires to login and if
    username and password match then the user is redirected to the same
    page where he sees details of his message.

    What I have to do is this: in my db i have a table called users with
    the fields u_id, u_password and access. Access can either be admin or
    user.
    In my asp page i have to create 2 cookies. The thing is that i am not
    sure how to do it. now i am using hardcode. i am not calling the
    access field from the table but i am writing access="admin". However
    the page that is meant to receive the data from the first page where i
    created the cookie doesn't work. no matter if access =admin or user it
    always gives me the message "access is user".

    Here is the code for the 1st page:
    dim access

    MM_LoginAction = Request.ServerVariables("URL")
    If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?"
    + Request.QueryString
    MM_valUsername=CStr(Request.Form("Username"))

    If MM_valUsername <> "" Then
    MM_fldUserAuthorization=""
    MM_redirectLoginSuccess="myAds.asp"
    MM_redirectLoginFailed="myAds.asp"

    MM_flag="ADODB.Recordset"
    set MM_rsUser = Server.CreateObject(MM_flag)
    MM_rsUser.ActiveConnection = MM_connDUclassified_STRING
    MM_rsUser.Source = "SELECT U_ID, U_PASSWORD, ACCESS"
    If MM_fldUserAuthorization <> "" Then MM_rsUser.Source =
    MM_rsUser.Source & "," & MM_fldUserAuthorization
    MM_rsUser.Source = MM_rsUser.Source & " FROM USERS WHERE U_ID='" &
    MM_valUsername &"' AND U_PASSWORD='" & CStr(Request.Form("Password"))
    & "'"
    MM_rsUser.CursorType = 0
    MM_rsUser.CursorLocation = 2
    MM_rsUser.LockType = 3
    MM_rsUser.Open

    If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then

    ' username and password match - this is a valid user
    'DIM ACCESS
    ' access=(mm_rsuser.fields.item ("ACCESS").value)
    DIM U_ID
    DIM U_PWORD
    ACCESS="admin"
    '---create user cookie
    if ACCESS<>"admin" then
    Response.Cookies("UserCookie")("Username") =
    Request.Form("UserName")
    Response.Cookies ("UserCookie")("Password")=Request.Form ("Password")
    Response.Cookies("UserCookie").Path = "/"
    Response.Cookies ("UserCookie").expires =dateadd("h",1,now())
    Response.Write(Request.Cookies("UserCookie")("Username"))
    Response.Write (Request.Cookies("UserCookie")("Password"))

    '---end user cookie
    else
    'create admin cookie

    Response.Cookies("adminCOOKIE")("ADMINusername") =
    Request.Form("UserName")
    Response.Cookies ("adminCOOKIE")("ADMINPassword")=Request.Form
    ("Password")
    Response.Cookies("adminCOOKIE").Path = "/"
    Response.Cookies ("adminCOOKIE").expires =dateadd("h",1,now())
    Response.Write(Request.Cookies("adminCOOKIE")("ADMINusername"))
    Response.Write (Request.Cookies("adminCOOKIE")("ADMINPassword"))

    '---end admin cookie

    end if

    Session("MM_Username") = MM_valUsername
    If (MM_fldUserAuthorization <> "") Then

    Session("MM_UserAuthorization") =
    CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)
    Else
    Session("MM_UserAuthorization") = ""

    End If
    if CStr(Request.QueryString("accessdenied")) <> "" And false Then
    MM_redirectLoginSuccess = Request.QueryString("accessdenied")

    End If
    MM_rsUser.Close
    Response.Redirect(MM_redirectLoginSuccess)


    End If

    MM_rsUser.Close
    Response.Redirect(MM_redirectLoginFailed)

    End If
    %>

    2nd page:
    <%
    Dim Username
    Dim Password
    Dim adminU
    Dim adminP


    Username = ((Request.Cookies("UserCookie")("Username")))
    Password = ((Request.Cookies("UserCookie")("Password")))
    adminU =
    ((Request.Cookies("adminCOOKIE")("ADMINusername")))
    adminP =
    ((Request.Cookies("adminCOOKIE")("ADMINPassword")))
    If Username <> "" And Password <> "" Then
    Response.Write("username:" + Username + "<BR>")
    Response.Write("password:" + Password + "<BR>")
    Response.Write("Access is User" + "<BR>")

    ElseIf adminU <> "" And adminP <> "" Then
    Response.Write("adminusername:" + adminU + "<BR>")
    Response.Write("adminpassword:" + adminP + "<BR>")
    Response.Write("Access is admin")
    End If
    %>
     
    collie, Nov 9, 2003
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Replies:
    4
    Views:
    517
    Chris Uppal
    May 5, 2005
  2. KK
    Replies:
    2
    Views:
    584
    Big Brian
    Oct 14, 2003
  3. MuZZy
    Replies:
    7
    Views:
    1,761
    Mike Hewson
    Jan 7, 2005
  4. Kevin Wan
    Replies:
    5
    Views:
    727
    Kevin Wan
    Jan 17, 2007
  5. mera
    Replies:
    7
    Views:
    1,111
Loading...

Share This Page